D

Deleted member 2913

On my family system I like to disable alerts i.e no alerts are shown but would like AV alert to notify i.e Quarantined alert & not the alert that ask Clean/Ignore.

But the prob is if I choose not to show alerts then AV notify alert is also not shown.
And if you choose AV alert to show then you get Clean/Ignore alert but I want Quarantined alert.
 
  • Like
Reactions: Der.Reisende

Enju

New Member
Is there any possibility to just use the Sandbox and HIPS without the Firewall "nonsense" or is it necessary to install it?
 
  • Like
Reactions: Der.Reisende
R

rocky

CFW with this configuration is what works best here on two computers one playing kids games and shared by me. The other my wife banks and shops on. ( we really don't have a choice we are very rural) I have tried alot of different options but nothing comes close for protection or convenience in my opinion. Thanks Again, cruelsister
 
  • Like
Reactions: Der.Reisende

Enju

New Member
You could always install Comodo firewall and use the sandbox and HIPS and disable the firewall but Comodo's firewall is excellent and well worth having on your system.
I use a hardware based firewall, so I do not need a second one... but I'm still interested in the HIPS and sandbox.
 

cruelsister

Level 36
Content Creator
Trusted
Verified
Yesnoo- Sadly what you want can't be done. The Virus alert popup can certainly be turned on, but will give you the "Clean/Ignore" thingy that you don't want. However with the settings I suggest you will get a Windows popup as seen at 3:02 of the Video when the alphacrypt trojan was run.

Enju- PLEASE don't consider the Firewall nonsense. The Firewall being active with the switch made at 1:26 is absolutely CRITICAL for protection. Without this, things like zero-day keyloggers and Bankers will be able to transmit your data out to the Blackhats; with it in place you are protected whether or not the malware is detected.

The unneeded part is actually the HIPS component, as the HIPS will just alert you to malware that are running in the sandbox that can't make system changes anyway. The HIPS will also alert to valid processes which is nothing more than an annoyance.

Moose- Thanks- I'm working up one currently that shows the futility of considering MB and HMP as the One Word Of Truth in deciding if a system is clean at the end of YouTube reviews.

Yigido- Thank you for your kind words.
 
D

Deleted member 2913

Cruelsister,

How safe is Virtual Kiosk used with its Virtual Keyboard for banking/online shopping?

I dont do much online shopping/banking, kind of medium user for such things so think VK will be better & easy than using any password manager for me.

But I guess anything running sandboxed or under VK will not be allowed to connect to the net as per our settings i.e "Dont show popups" set to "Block", right?
Guess I will have to allow the browser so any security prob here?
 

Enju

New Member
Enju- PLEASE don't consider the Firewall nonsense. The Firewall being active with the switch made at 1:26 is absolutely CRITICAL for protection. Without this, things like zero-day keyloggers and Bankers will be able to transmit your data out to the Blackhats; with it in place you are protected whether or not the malware is detected.
I'm using a Sophos UTM and set up rules manually... the firewall is not needed since I had to manually allow the outbound traffic of the keylogger, so yeah it's unneeded on my setup.
 
  • Like
Reactions: Der.Reisende

cruelsister

Level 36
Content Creator
Trusted
Verified
YN- The Virtual Kiosk can be viewed as specific in that it will work (and work well) when the user calls it up, and only when the user calls it up. The settings I suggest would provide the same protection everywhere all the time. So VK really would not add anything.

Enju- I apologize for reaching a conclusion that was not true. I inferred that you found Outbound network protection to be unneeded (which by your post is obviously not the case at all). It's just after a number of years hearing from Normals that Windows firewall is enough and from IT "Pros" that there isn't any reason to analyze Network traffic I get a little jumpy.
 

Tony Cole

Level 27
I just saw the review by The PC Security Channel and Comodo, once again a total fail. Click a desktop .exe and Comodo will not block it, only if it comes from the internet. CryptoWall here we come.
 
  • Like
Reactions: Der.Reisende

cruelsister

Level 36
Content Creator
Trusted
Verified
The review that you reference essentially uses Comodo at default settings, which even I would never consider doing. Although I am reticent to criticize other reviews and reviewers, if you see any videos on Comodo where emphasis is put on the AV component, this is a fairly clear indicator that ether the reviewer is ignorant of the true strength of Comodo (virtualization) and how to properly use it, or just hasn't kept up with current Security theory, or both.
 
D

Deleted member 2913

I just saw the review by The PC Security Channel and Comodo, once again a total fail. Click a desktop .exe and Comodo will not block it, only if it comes from the internet. CryptoWall here we come.
Guess desktop.exe, etc... was already there on the system before CIS install, right?
 
  • Like
Reactions: Der.Reisende
D

Deleted member 2913

YN- The Virtual Kiosk can be viewed as specific in that it will work (and work well) when the user calls it up, and only when the user calls it up. The settings I suggest would provide the same protection everywhere all the time. So VK really would not add anything.

Enju- I apologize for reaching a conclusion that was not true. I inferred that you found Outbound network protection to be unneeded (which by your post is obviously not the case at all). It's just after a number of years hearing from Normals that Windows firewall is enough and from IT "Pros" that there isn't any reason to analyze Network traffic I get a little jumpy.
If FW is set to "block" & "dont show popups" is selected then under VK too no connection is allowed.

How to allow browsers to connect under VK & sandboxed?
Should I temporarily allow connection & use browsers under VK & sandboxed?
 
  • Like
Reactions: Der.Reisende

Tony Cole

Level 27
So, why does Comodo sell to everyday users, surly not everyone who buys/uses Comodo knows how to configure all the settings? If that's the case, then it's a total waste of time/space. In the AV world how many people just install, update and scan, a lot! I would think The PC Security Channel gentlemen must know, he has just started to work for Emsisoft's malware team.

Of course, if you did have a pdf file, which was actually CryptoLocker Comodo (at default settings, which most use) then it would do nothing. You use to be able to change the setting so both the desktop and internet downloads where secure, and you were protected, now they've taken that option away.
 
Last edited by a moderator:
  • Like
Reactions: Der.Reisende

cruelsister

Level 36
Content Creator
Trusted
Verified
YN- use my settings and forget about VK- using VK is only of value if Comodo is at default.

Terry- As I've said many times over the past few years, never use Comodo at default (we agree). As to why Comodo uses these default settings I have no idea. I do know, however, that the 30 seconds or so it takes to make changes (as in the video) makes CF second to none in protection while at the same time typically using a trivial amount of resources. As far as everyone not knowing about this, I also agree. Although sad, I really have to be concerned with only friends and those reading my posts. Anything else would be a burden.
 
D

Deleted member 2913

Cruelsister,

The video Tony is talking about, was the malware file already present on the system before CIS install?
 
  • Like
Reactions: Der.Reisende

cruelsister

Level 36
Content Creator
Trusted
Verified
It's really impossible to say as the Reviewer did not give us any baseline from which to judge. Nevertheless, the test was done with sub-optimal settings, so who really should care?